<%@ page language="java"%>
<%@ page import="java.sql.*"%>
<%@ page import="java.util.*"%>
<%@ page import="java.io.*"%>
<html>
<head> <title>Add User Screen</title>
</head>
<body>
<center>
<p><font color="#0080FF" size="25">Add User Screen</font></p>
<%
	try
    	{
       	if(session.getAttribute("logged_in") == "true")
		{
           		out.println("<p><h2>Logged In</p><h2>");
			if(session.getAttribute("user_level") == "administrator")
			{
                		out.println("<br>You selected screen id: " + request.getParameter("screen_id") + "<br>");
                		out.println("<br>You selected user id: " + request.getParameter("user_id") + "<br>");
                		String DRIVER = "com.mysql.jdbc.Driver";
				Class.forName(DRIVER);

				Connection con=null;
				ResultSet rst=null;
                		PreparedStatement stmt=null;
				
				
	            		String url="jdbc:mysql://ecstiger.cs.andrews.edu/d562_2010_01?user=u562_2010_01&password=YPJ8f4We";
			 	con=DriverManager.getConnection(url);
				stmt = con.prepareStatement("SELECT * FROM screen, user WHERE screen.id = ? AND user.id = ? ;"); 
			    	stmt.setString(1, request.getParameter("screen_id"));
				stmt.setString(2, request.getParameter("user_id"));
				rst = stmt.executeQuery();
				
 				if(rst.next())
                		{ 
			       	stmt = con.prepareStatement("SELECT * FROM screen_owners WHERE screen_id = ? AND user_id = ? ;"); 
			       
				    	stmt.setString(1, request.getParameter("screen_id"));
				    	stmt.setString(2, request.getParameter("user_id"));
				    	rst = stmt.executeQuery();
                    
					if(!rst.next())
				    	{
						stmt = con.prepareStatement("INSERT INTO `d562_2010_01`.`screen_owners` (`id`, `screen_id`, `user_id`) VALUES ( NULL , ? , ? );");
						stmt.setString(1, request.getParameter("screen_id")); 	
						stmt.setString(2, request.getParameter("user_id")); 				
						int Result = stmt.executeUpdate();
		
						if(Result==1)
						{
							out.println("<br>Add Screen Succesful<br>");
						}
						else
						{
							out.println("<br>Add Unsuccesful<br>");
						}
					}
					else
					{
						out.println("This screen is already been used by the user, and it cannot be added twice.");
					}
				}
				rst.close();
				stmt.close();
				con.close();
			}
			else
			{
				out.println("Normal users are not allowed to do this.<br>");
			}
         	}
            	else
		{
			out.println("Not Logged In");
		}
	}
       catch(Exception e)
       {
           out.println(e);
       }
%>
<br><a href="menu.jsp">Main Menu</a>
</center>
</body>
</table>
</center>
</div>
</body>
</html>
